backtop


Print 65 comment(s) - last by sarfralogy.. on Apr 30 at 1:12 PM

Kaspersky says Apple needs to change its approach to updates and patches for its machines

Computer security company Kaspersky Labs said that Apple is at least 10 years behind Microsoft when it comes to security.

Eugene Kaspersky, co-founder of Kaspersky Lab, discussed the security of both PCs and Macs at the Info Security 2012 event. He concluded that Apple's security is far behind Microsoft's, and that Apple will need to change its ways when it comes to updates and patches.

According to Kaspersky, Macs are becoming increasingly targeted by malware due to increased Mac sales. In Q2 2012, Apple sold 4 million Macs, which was a 7 percent boost from Q2 2011. Cyber criminals are starting to notice that these computers are becoming more popular and are easy targets for malware attacks.

Earlier this month, Apple finally admitted that its machines have been prone to malware problems. It has had issues with Flashback trojan, also known as Flashfake. This particular trojan disguises itself as an install Java applet on hijacked sites, and when users approve it, the trojan runs a piece of code that exploits a flaw in Java to remove OS X's anti-malware abilities. It also installs alternative control programs, turning the machines into bots.

"Apple is now entering the same world as Microsoft has been in for more than 10 years: updates, security patches and so on," said Kaspersky. "We now expect to see more and more because cyber criminals learn from success and this was the first successful one.

"They will understand very soon that they have the same problems Microsoft had ten or 12 years ago. They will have to make changes in terms of the cycle of updates and so on and will be forced to invest more into their security audits for the software. That's what Microsoft did in the past after so many incidents like Blaster and the more complicated worms that infected millions of computers in a short time. They had to do a lot of work to check the code to find mistakes and vulnerabilities. Now it's time for Apple [to do that]."

According to Kaspersky, Flashback infected about 600,000 machines worldwide (approximately 3,000 in the U.S.) at its peak where 98 percent of these machines were Macs.

"I think they are ten years behind Microsoft in terms of security," said Kaspersky. "For many years I've been saying that from a security point of view there is no big difference between Mac and Windows. It's always been possible to develop Mac malware, but this one was a bit different. For example it was asking questions about being installed on the system and, using vulnerabilities, it was able to get to the user mode without any alarms."

Source: CBR



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Misleading comments
By Argon18 on 4/26/2012 4:18:54 PM , Rating: 0
In all seriousness, Macs do not get viruses. Nor does Linux. Nor does any commercial UNIX. They never have and they never will.

Windows is the only OS plagued by viruses.

Note that I'm using the word virus. A virus is self propagating, and does not require user intervention or social engineering.

Apple's recent malware has all been Trojans. A Trojan relies solely on social engineering to spread and infect. It convinces the user that it is something legitimate, and fools them into installing it.

A Trojan is a very different thing than a Virus.

If I make a Windows batch file that contains "format c:" and I email it to you, and say hey, run this awesome new game! And you run it and it formats your c drive. That's a trojan. It is not a technical deficiency in your OS. It's a simple scam. I've tricked you. It's social engineering.

So yes, a Mac is susceptible to social engineering. Just like Windows is. The big difference however, is that a Mac (and Linux and UNIX) does not, and will not ever get viruses.




RE: Misleading comments
By borismkv on 4/26/2012 9:52:40 PM , Rating: 2
If you make a batch file that containts format c: it will fail. Windows doesn't allow you to format a system disk anymore, and hasn't for over 12 years.

But since you're using the narrow definition of the word "Virus" go ahead and name the last major virus outbreak on Windows computers. I mean, you know *so* much about this subject.

Unless you don't, which is actually the case. Modern outbreaks (using the narrow Virus definition) are almost non-existent now because most infections are hybrids of *multiple* definitions for malicious software, or any kind of software that is designed with malicious intent in mind. A single piece of malware can use any number of techniques including self-replication, social engineering, etc. But since you haven't used anything but Linux or OSX since...ever, I imagine you don't actually know a damn thing about security and are just yanking crap off Wikipedia and pretending.


RE: Misleading comments
By borismkv on 4/26/2012 9:53:55 PM , Rating: 3
quote:
Windows doesn't allow you to format a system disk anymore


Slight correction, it doesn't let you format a system disk while the OS is running. You have to boot from another source in order to format a system disk.


RE: Misleading comments
By GatoRat on 4/26/2012 10:40:17 PM , Rating: 3
Surely you are aware that the first virus was on UNIX. There have, in fact, been many computer viruses on UNIX. All operating systems that communicate with other operating systems are vulnerable. No exceptions.


RE: Misleading comments
By adiposity on 4/27/2012 1:23:52 PM , Rating: 2
quote:
In all seriousness, Macs do not get viruses. Nor does Linux. Nor does any commercial UNIX. They never have and they never will. Windows is the only OS plagued by viruses.


A computer virus is any "app" that can spread itself (typically without user consent). As such, your statement above is bunk. It has been a very long time since windows users have seen the kind of viruses that would attach themselves to EXEs and spread through that method. On the other hand, network spreadable viruses are an issue on windows. E-mail spreadable viruses are even worse.

If you think Mac OS or Linux are free from network/e-mail spreadable viruses you are either deluded or uninformed. They are just as vulnerable as any OS if an exploit is found (which they have been, many times on Mac and Linux).

Yes, trojans tend to be more of an issue because people are easy to trick. And trojans don't require sophistication, although more than "format c:" is required. But computer viruses, in the original sense of the word still exist and can affect all platforms.

If anything, Mac is more safe because of the low numbers of Macs. It is difficult to spread when you can't find the next host to jump to.


"I'd be pissed too, but you didn't have to go all Minority Report on his ass!" -- Jon Stewart on police raiding Gizmodo editor Jason Chen's home














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki